On Wed, Apr 19, 2017 at 9:33 PM, Jan Kiszka wrote:
> The firmware for Quark X102x prepends a security header to the capsule
> which is needed to support the mandatory secure boot on this processor.
> The header can be detected by checking for the "_CSH" signature and -
>
On Wed, Apr 19, 2017 at 02:31:13PM -0600, Baicar, Tyler wrote:
> Will do.
You don't necessarily have to reply with "will do" if you agree with the
review.
Also, please wait until I've gone through the whole pile before sending
it again.
Thanks.
--
Regards/Gruss,
Boris.
Good mailing
On 4/19/2017 12:31 PM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 05:05:13PM -0600, Tyler Baicar wrote:
A RAS (Reliability, Availability, Serviceability) controller
may be a separate processor running in parallel with OS
execution, and may generate error records for consumption by
the OS.
On Wed, Apr 19, 2017 at 08:37:38PM +0100, Matt Fleming wrote:
> On Wed, 19 Apr, at 09:29:06PM, Daniel Kiper wrote:
> > On Tue, Apr 18, 2017 at 02:46:50PM +0100, Matt Fleming wrote:
> > > On Thu, 06 Apr, at 04:55:11PM, Mark Rutland wrote:
> > > >
> > > > Please, let's keep the Xen knowledge
On Wed, 19 Apr, at 09:29:06PM, Daniel Kiper wrote:
> On Tue, Apr 18, 2017 at 02:46:50PM +0100, Matt Fleming wrote:
> > On Thu, 06 Apr, at 04:55:11PM, Mark Rutland wrote:
> > >
> > > Please, let's keep the Xen knowledge constrained to the Xen EFI wrapper,
> > > rather than spreading it further.
> >
On Tue, Apr 18, 2017 at 02:46:50PM +0100, Matt Fleming wrote:
> On Thu, 06 Apr, at 04:55:11PM, Mark Rutland wrote:
> >
> > Please, let's keep the Xen knowledge constrained to the Xen EFI wrapper,
> > rather than spreading it further.
> >
> > IMO, given reset_system is a *mandatory* function, the
The firmware for Quark X102x prepends a security header to the capsule
which is needed to support the mandatory secure boot on this processor.
The header can be detected by checking for the "_CSH" signature and -
to avoid any GUID conflict - validating its size field to contain the
expected value.
This picks up the patches Ard send before in [1], including the
"left-over" patches 6..8.
As Ard suggested, I've taken updated patches 6 and 7 of him from [2]
which address reviewer comments. Furthermore, I've changed patch 8 to
factor out the Quark quirk logic from the overloaded
From: Ard Biesheuvel
To give some leeway to code that handles non-standard capsule headers,
let's keep an array of page addresses rather than struct page pointers.
This gives special implementations of efi_capsule_setup_info() the
opportunity to mangle the payload a
From: Ard Biesheuvel
To allow platform specific code to hook into the capsule loading
routines, indirect calls to efi_capsule_setup_info() via a weak alias
of __efi_capsule_setup_info(), allowing platforms to redefine the former
but still use the latter.
Cc: Matt
On Tue, Apr 18, 2017 at 05:05:13PM -0600, Tyler Baicar wrote:
> A RAS (Reliability, Availability, Serviceability) controller
> may be a separate processor running in parallel with OS
> execution, and may generate error records for consumption by
> the OS. If the RAS controller produces multiple
On Wed, Apr 19, 2017 at 09:23:47AM -0500, Tom Lendacky wrote:
> Btw, I tried to update all the subjects and descriptions to be
> more descriptive but I'm sure there is still room for improvement
> so keep the comments on them coming.
No worries there :)
> Note, just because the bit is set in
4.10-stable review patch. If anyone has any objections, please let me know.
--
From: Omar Sandoval
commit 6f6266a561306e206e0e31a5038f029b6a7b1d89 upstream.
Reserving a runtime region results in splitting the EFI memory
descriptors for the runtime region. This
4.10-stable review patch. If anyone has any objections, please let me know.
--
From: Cohen, Eugene
commit 540f4c0e894f7e46a66dfa424b16424cbdc12c38 upstream.
The UEFI Specification permits Graphics Output Protocol (GOP) instances
without direct framebuffer
4.10-stable review patch. If anyone has any objections, please let me know.
--
From: Ard Biesheuvel
commit 55d728a40d368ba80443be85c02e641fc9082a3f upstream.
On UEFI systems, the PCI subsystem is enumerated by the firmware,
and if a graphical
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Cohen, Eugene
commit 540f4c0e894f7e46a66dfa424b16424cbdc12c38 upstream.
The UEFI Specification permits Graphics Output Protocol (GOP) instances
without direct framebuffer
On 4/19/2017 4:02 AM, Borislav Petkov wrote:
Always have a verb in the Subject to form a "do this" or "do that"
sentence to better explain what the patch does:
"Subject: [PATCH v5 01/32] x86: Add documentation for AMD Secure Memory Encryption
(SME)"
Will do.
Btw, I tried to update all the
Borislav Petkov wrote:
> "Subject: [PATCH v5 01/32] x86: Add documentation for AMD Secure Memory
> Encryption (SME)"
Or:
x86: Document AMD Secure Memory Encryption (SME) support
David
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body
Always have a verb in the Subject to form a "do this" or "do that"
sentence to better explain what the patch does:
"Subject: [PATCH v5 01/32] x86: Add documentation for AMD Secure Memory
Encryption (SME)"
On Tue, Apr 18, 2017 at 04:16:25PM -0500, Tom Lendacky wrote:
> Create a Documentation
19 matches
Mail list logo